akile_monitor_k8s.png

Akile Monitor 服务部署在K8S上,通过NodePort方式暴露API server,Websocket 内部3000端口 -> 外部端口30010 ,前端Caddy 内部80端口 -> 外部端口 30011
Nginx 反代 30010 ,30011 ,通过域名的方式调用。

一、拉取github上的源码

# Clones the default branch at whatever commit is current at clone time.
# For reproducible image builds, record the commit that was built
# (git rev-parse HEAD) or check out a commit you have reviewed.
git clone https://github.com/akile-network/akile_monitor.git

二、制作Docker镜像

# Build one image per Dockerfile stage; --target selects the stage to build.
# "." is the build context, so run these from the directory that holds the
# Dockerfile (presumably the root of the cloned repository).
docker build --target server --tag akile_server:v1 .
docker build --target fe --tag akile_fronted:v1 .
docker build --target client --tag akile_agent:v1 .

三、编写相关yaml文件

1、Namespace

---
# Dedicated namespace; every manifest on this page deploys into it.
kind: Namespace
apiVersion: v1
metadata:
  name: akile-monitor

2、ConfigMap

---
# Shared settings for the monitor. The server and frontend Deployments on this
# page load every key below as environment variables through envFrom.
#
# NOTE(review): AUTH_SECRET, TG_TOKEN and HOOK_TOKEN look like credentials.
# ConfigMap data is stored and displayed in plain text and is readable by
# anyone allowed to read ConfigMaps in this namespace; a Secret is the object
# meant for such values. Replace the sample values below before deploying.
kind: ConfigMap
apiVersion: v1
metadata:
  namespace: akile-monitor
  name: akile-monitor-config
  labels:
    app: akile-monitor
data:
  # Listener address and timezone.
  LISTEN: ":3000"
  TZ: "Asia/Shanghai"

  # URI paths.
  WEB_URI: "/ws"
  UPDATE_URI: "/monitor"
  HOOK_URI: "/hook"

  # Credentials (see the note at the top).
  # Presumably the shared secret agents present to the server: an agent's
  # AUTH_SECRET has to match this value exactly, trailing "." included.
  AUTH_SECRET: "crazy123."
  HOOK_TOKEN: "hook_token"

  # Telegram notification settings.
  ENABLE_TG: "false"
  TG_TOKEN: "your_telegram_bot_token"
  TG_CHAT_ID: "0"

  # nginx is used as a reverse proxy with TLS, so the domain name is required
  # here. With a plain IP or HTTP, use ws://xxx.xxx.xxx.xxx/ws instead.
  SOCKET: "wss://tz.xxxx.xyz/ws"
  # Same as above: with a plain IP or HTTP, use http://xxx.xxx.xxx.xxx:3000.
  # Here nginx reverse-proxies the API on port 3000.
  APIURL: "https://tz.xxxx.xyz"

3、Deployment - Server

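---
# Monitor server: a single replica listening on container port 3000.
# All settings come from the akile-monitor-config ConfigMap via envFrom.
# The database is a file on the node (hostPath), so the pod only works on a
# node where that file exists, and the data does not follow the pod elsewhere.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: akile-monitor-server
  namespace: akile-monitor
  labels:
    app: akile-monitor-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: akile-monitor-server
  template:
    metadata:
      labels:
        app: akile-monitor-server
    spec:
      containers:
        - name: akile-monitor-server
          # Locally built image (step 2); presumably it has to be present in
          # the container runtime of the node that runs this pod.
          image: docker.io/library/akile_server:v1
          ports:
            - containerPort: 3000
          env:
            # Explicit env entries take precedence over envFrom; the value is
            # the same as TZ in the ConfigMap.
            - name: TZ
              value: "Asia/Shanghai"
          envFrom:
            - configMapRef:
                name: akile-monitor-config
          volumeMounts:
            - name: db-storage
              mountPath: /app/ak_monitor.db
            - name: timezone
              mountPath: /etc/localtime
              # The container only needs to read the host's timezone data.
              readOnly: true
      volumes:
        - name: db-storage
          hostPath:
            # This db file must be created in advance at
            # /opt/akile_monitor/k8s/data/ak_monitor.db
            path: /opt/akile_monitor/k8s/data/ak_monitor.db
            # "File" makes the pod fail to start when the file is missing,
            # rather than a directory being created at that path.
            type: File
        - name: timezone
          hostPath:
            path: /etc/localtime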

4、Service - Server

---
# Exposes the server (container port 3000) on port 30010 of the cluster nodes.
kind: Service
apiVersion: v1
metadata:
  namespace: akile-monitor
  name: akile-monitor-server-service
spec:
  # NodePort is used because nginx runs on a different host; the two hosts
  # reach each other over their internal IPs.
  # A NodePort listens on every node address and this hop is plain HTTP, so
  # limit 30010 to the nginx host (host firewall / security group); otherwise
  # clients can reach the API directly and bypass the TLS proxy.
  type: NodePort
  selector:
    app: akile-monitor-server
  ports:
    - nodePort: 30010
      port: 3000
      targetPort: 3000
      protocol: TCP

5、Deployment - Frontend

---
# Frontend: a single replica serving on container port 80.
kind: Deployment
apiVersion: apps/v1
metadata:
  namespace: akile-monitor
  name: akile-monitor-fe
  labels:
    app: akile-monitor-fe
spec:
  selector:
    matchLabels:
      app: akile-monitor-fe
  replicas: 1
  template:
    metadata:
      labels:
        app: akile-monitor-fe
    spec:
      containers:
        - image: docker.io/library/akile_fronted:v1
          name: akile-monitor-fe
          # NOTE(review): envFrom injects every key of the ConfigMap, including
          # AUTH_SECRET, TG_TOKEN and HOOK_TOKEN, into this container. If the
          # frontend only reads SOCKET and APIURL (confirm against the image),
          # pass just those keys with env + configMapKeyRef.
          envFrom:
            - configMapRef:
                name: akile-monitor-config
          ports:
            - containerPort: 80

6、Service - Frontend

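---
# Exposes the frontend (container port 80) on port 30011 of the cluster nodes.
apiVersion: v1
kind: Service
metadata:
  name: akile-monitor-fe-service
  namespace: akile-monitor
spec:
  selector:
    app: akile-monitor-fe
  ports:
    # nodePort belongs to the same list entry as port/targetPort. As a
    # separate "- nodePort: 30011" item it is a second port entry without the
    # required "port" field, and the Service is rejected.
    - protocol: TCP
      port: 80
      targetPort: 80
      nodePort: 30011
  # A NodePort listens on every node address and this hop is plain HTTP;
  # limit 30011 to the nginx host (host firewall / security group).
  type: NodePort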

四、nginx配置文件

# Upstream for the frontend Service (NodePort 30011).
# 10.0.0.213 is presumably the internal address of a cluster node; traffic on
# this hop is plain HTTP.
upstream akile-fronted-80 {
    server    10.0.0.213:30011;
    keepalive 512;
}

# Upstream for the API / WebSocket server Service (NodePort 30010).
upstream akile-ws-3000 {
    server    10.0.0.213:30010;
    keepalive 512;
}

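# TLS entry point: terminates HTTPS for the domain and forwards to the two
# NodePort upstreams over plain HTTP.
server {
    listen 443 ssl;
    http2 on;
    server_name tz.xxxxx.xyz;  # your domain

    # Certificate chain and private key; keep the key file readable only by
    # the account nginx starts as.
    ssl_certificate       /etc/nginx/cert/xxxxx.xyz/fullchain.pem;  # certificate location
    ssl_certificate_key   /etc/nginx/cert/xxxxx.xyz/privkey.pem;    # private key location

    ssl_session_timeout 1d;
    ssl_session_cache shared:MozSSL:10m;
    ssl_session_tickets off;
    ssl_protocols    TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers off;

    # "main" must be a log_format defined at the http level.
    access_log  /var/log/nginx/akile-access.log  main;
    error_log  /var/log/nginx/akile-error.log;

    # Reverse proxy for the frontend static assets.
    location / {
        proxy_set_header Host $host;
        proxy_set_header Origin https://$host;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_read_timeout 3600s;
        proxy_send_timeout 3600s;
        proxy_pass http://akile-fronted-80;
    }

    # Reverse proxy for the API server's /info and /delete paths.
    # NOTE(review): /delete becomes reachable by anyone who can reach this
    # server; access control presumably rests on the server's AUTH_SECRET
    # check. Confirm that, and consider allow/deny rules if only
    # administrators call it.
    location ~ ^/(info|delete)$ {
        proxy_pass http://akile-ws-3000;
        # The upstream block sets "keepalive"; connections are only reused
        # when the proxy speaks HTTP/1.1 and does not send "Connection: close".
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }

    # Reverse proxy for the WebSocket paths /ws and /monitor.
    location ~ ^/(ws|monitor)$ {
        proxy_pass http://akile-ws-3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
    }
}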

五、Deployment - Agent

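---
# Monitoring agent. It runs in the node's network namespace (hostNetwork) and
# mounts the node's /dev, so it reports on the node its pod is scheduled to.
# With replicas: 1 only that one node is covered.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: akile-monitor-client
  namespace: akile-monitor
  labels:
    app: akile-monitor-client
spec:
  replicas: 1
  selector:
    matchLabels:
      app: akile-monitor-client
  template:
    metadata:
      labels:
        app: akile-monitor-client
    spec:
      # hostNetwork shares the node's network stack with the pod; keep it only
      # while the agent needs the host interface named in NET_NAME.
      hostNetwork: true
      # Required with hostNetwork so the Service name in URL still resolves
      # through the cluster DNS.
      dnsPolicy: ClusterFirstWithHostNet
      containers:
        - name: akile-monitor-client
          image: docker.io/library/akile_agent:v1
          env:
            - name: TZ
              value: "Asia/Shanghai"
            # Read the secret from the same ConfigMap the server uses, so the
            # two cannot drift apart. The literal written here before was
            # "crazy123", while the ConfigMap holds "crazy123." (trailing dot).
            # NOTE(review): a ConfigMap is not meant for credentials; a Secret
            # with secretKeyRef is the better home for this value.
            - name: AUTH_SECRET
              valueFrom:
                configMapKeyRef:
                  name: akile-monitor-config
                  key: AUTH_SECRET
            # In-cluster plain WebSocket to the server Service on port 3000.
            - name: URL
              value: "ws://akile-monitor-server-service:3000/monitor"
            # Host network interface to report on; adjust to the node.
            - name: NET_NAME
              value: "enp0s6"
            # Display name of this node in the monitor.
            - name: NAME
              value: "SG-Oracle-No2"
          volumeMounts:
            - name: dev
              mountPath: /host/dev
              # NOTE(review): mounted read-only on the assumption that the
              # agent only reads device information; confirm with the image.
              readOnly: true
      volumes:
        - name: dev
          hostPath:
            path: /dev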

六、成果截图

akile_monitor_k8s_result.png